diff options
| -rw-r--r-- | os-apply-config/ceph-storage.yaml | 2 | ||||
| -rw-r--r-- | os-apply-config/cinder-storage.yaml | 1 | ||||
| -rw-r--r-- | os-apply-config/compute.yaml | 1 | ||||
| -rw-r--r-- | os-apply-config/controller.yaml | 8 | ||||
| -rw-r--r-- | overcloud-without-mergepy.yaml | 19 | ||||
| -rw-r--r-- | puppet/cinder-storage.yaml | 1 | ||||
| -rw-r--r-- | puppet/compute.yaml | 1 | ||||
| -rw-r--r-- | puppet/controller.yaml | 35 | ||||
| -rw-r--r-- | puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml | 2 | ||||
| -rw-r--r-- | puppet/hieradata/controller.yaml | 1 |
10 files changed, 71 insertions, 0 deletions
diff --git a/os-apply-config/ceph-storage.yaml b/os-apply-config/ceph-storage.yaml index 0dbcd3e7..fc321d88 100644 --- a/os-apply-config/ceph-storage.yaml +++ b/os-apply-config/ceph-storage.yaml @@ -20,10 +20,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephMonitors: default: '' description: The list of ip/names to use as Ceph monitors diff --git a/os-apply-config/cinder-storage.yaml b/os-apply-config/cinder-storage.yaml index 7a686970..7f1164c4 100644 --- a/os-apply-config/cinder-storage.yaml +++ b/os-apply-config/cinder-storage.yaml @@ -87,6 +87,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string diff --git a/os-apply-config/compute.yaml b/os-apply-config/compute.yaml index ab8f8469..ee55c587 100644 --- a/os-apply-config/compute.yaml +++ b/os-apply-config/compute.yaml @@ -185,6 +185,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: "ml2" description: | diff --git a/os-apply-config/controller.yaml b/os-apply-config/controller.yaml index 18dcc8eb..f289d9b5 100644 --- a/os-apply-config/controller.yaml +++ b/os-apply-config/controller.yaml @@ -215,9 +215,11 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -317,6 +319,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | @@ -434,6 +437,7 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > @@ -466,6 +470,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index cb478436..8a7ce025 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -38,10 +38,12 @@ parameters: default: '' description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CephAdminKey: default: '' description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. type: string + hidden: true CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -50,6 +52,7 @@ parameters: default: '' description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. type: string + hidden: true CephExternalMonHost: default: '' type: string @@ -82,6 +85,10 @@ parameters: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string HorizonAllowedHosts: default: '*' description: A list of IP/Hostname allowed to connect to horizon @@ -162,6 +169,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronTunnelTypes: default: 'vxlan' description: | @@ -257,6 +265,11 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + # We need to set this as string because 'unlimited' is a valid setting + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -781,6 +794,7 @@ resources: GlanceBackend: {get_param: GlanceBackend} GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy} GlanceLogFile: {get_param: GlanceLogFile} + HAProxySyslogAddress: {get_param: HAProxySyslogAddress} HeatPassword: {get_param: HeatPassword} HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} @@ -833,6 +847,7 @@ resources: RabbitCookie: {get_attr: [RabbitCookie, value]} RabbitClientUseSSL: {get_param: RabbitClientUseSSL} RabbitClientPort: {get_param: RabbitClientPort} + RabbitFDLimit: {get_param: RabbitFDLimit} SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} @@ -848,9 +863,13 @@ resources: VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now. PublicVirtualIP: {get_attr: [PublicVirtualIP, ip_address]} ServiceNetMap: {get_param: ServiceNetMap} + CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index 972523ae..6a869219 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -59,6 +59,7 @@ parameters: RabbitPassword: default: 'guest' type: string + hidden: true RabbitUserName: default: 'guest' type: string diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 32cb0e28..2b635357 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -153,6 +153,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 8ea7053e..0bb8035b 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -14,6 +14,9 @@ parameters: description: The keystone auth secret and db password. type: string hidden: true + CeilometerApiVirtualIP: + type: string + default: '' CeilometerBackend: default: 'mongodb' description: The ceilometer backend type. @@ -28,6 +31,9 @@ parameters: description: The password for the ceilometer service and db account. type: string hidden: true + CinderApiVirtualIP: + type: string + default: '' CinderEnableNfsBackend: default: false description: Whether to enable or not the NFS backend for Cinder @@ -174,6 +180,10 @@ parameters: type: string constraints: - allowed_values: ['swift', 'file', 'rbd'] + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string HeatPassword: default: unset description: The password for the Heat service and db account, used by the Heat services. @@ -187,6 +197,7 @@ parameters: HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string + hidden: true HorizonAllowedHosts: default: '*' description: A list of IP/Hostname allowed to connect to horizon @@ -194,6 +205,7 @@ parameters: HorizonSecret: description: Secret key for Django type: string + hidden: true Image: type: string default: overcloud-control @@ -301,6 +313,7 @@ parameters: default: 'unset' description: Shared secret to prevent spoofing type: string + hidden: true NeutronCorePlugin: default: 'ml2' description: | @@ -399,6 +412,9 @@ parameters: of VXLAN VNI IDs that are available for tenant network allocation default: ["1:1000", ] type: comma_delimited_list + NovaApiVirtualIP: + type: string + default: '' NovaPassword: default: unset description: The password for the nova service and db account, used by nova-api. @@ -414,6 +430,7 @@ parameters: PcsdPassword: type: string description: The password for the 'pcsd' user. + hidden: true PublicVirtualInterface: default: 'br-ex' description: > @@ -446,6 +463,10 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string RedisVirtualIP: type: string default: '' # Has to be here because of the ignored empty value bug @@ -496,6 +517,9 @@ parameters: services. hidden: true type: string + SwiftProxyVirtualIP: + type: string + default: '' SwiftReplicas: type: number default: 3 @@ -651,6 +675,7 @@ resources: input_values: bootstack_nodeid: {get_attr: [Controller, name]} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} + haproxy_log_address: {get_param: HAProxySyslogAddress} heat.watch_server_url: list_join: - '' @@ -882,6 +907,14 @@ resources: rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} rabbit_client_port: {get_param: RabbitClientPort} mongodb_no_journal: {get_param: MongoDbNoJournal} + # We need to force this into quotes or hiera will return integer causing + # the puppet module validation regexp to fail. + # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401 + rabbit_fd_limit: + str_replace: + template: "'LIMIT'" + params: + LIMIT: {get_param: RabbitFDLimit} ntp_servers: str_replace: template: '["server"]' @@ -1196,6 +1229,7 @@ resources: # Rabbit rabbitmq::node_ip_address: {get_input: rabbitmq_network} rabbitmq::erlang_cookie: {get_input: rabbit_cookie} + rabbitmq::file_limit: {get_input: rabbit_fd_limit} # Redis redis::bind: {get_input: redis_network} redis_vip: {get_input: redis_vip} @@ -1207,6 +1241,7 @@ resources: public_virtual_interface: {get_input: public_virtual_interface} tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface} tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface} + tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address} tripleo::packages::enable_install: {get_input: enable_package_install} tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade} diff --git a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml index 18295a2f..7ec2190f 100644 --- a/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml +++ b/puppet/extraconfig/pre_deploy/controller/cinder-netapp.yaml @@ -18,6 +18,7 @@ parameters: type: string CinderNetappPassword: type: string + hidden: true CinderNetappServerHostname: type: string CinderNetappServerPort: @@ -65,6 +66,7 @@ parameters: CinderNetappSaPassword: type: string default: '' + hidden: true CinderNetappStoragePools: type: string default: '' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 90c2705f..b659ed78 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -90,6 +90,7 @@ pacemaker::resource_defaults::defaults: resource-stickiness: { value: INFINITY } # horizon +horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache horizon::django_session_engine: 'django.contrib.sessions.backends.cache' # mysql |